It is evident that Sifers-Grayson has several vulnerabilities in its
network. The red team ran several tests on the company network and
successfully identified vulnerabilities that must be mitigated moving forward. The
red team found these vulnerabilities by performing several tests, which
included accessing the R&D servers via a backdoor. They used an unprotected
network connection that had no firewall protection. This meant that a
malicious hacker was able to access the R&D servers and get away with classified
information that was used to perform research and create product designs in
the organization (Cerdeiro, Dziubiński
& Goyal, 2015).
The red team also used stolen user account information to find their way
into the workstations and install malware. For this reason, workstations
connected to the PROM burner in the R&D DevOps lab.
Moving forward, Sifers-Grayson needs to implement various security measures and
policies in order to avoid any data breach or attacks in the future. First, all the workstation users (employees) need
to be trained and informed on how to make strong passwords that can never be
guessed. The entire Sifers-Grayson network further needs to be secured with a
firewall (Sekhon & Garg, 2015).
This will ensure that the R&D servers are always protected by a firewall
and can never be accessed through the back door. The latest encryption
technologies must be utilized to ensure that data in transit, even when
intercepted by intruders, can never be usable (Daemen & Rijmen, 2013). The
company must also design a backup network and data backups to ensure that critical
information can never be completely lost even when the original database is
compromised. Furthermore, an incident response team of experienced IT personnel
needs to be set up so that they are alert at all times to unusual
activity within the Sifers-Grayson network and systems.